Vulnerability Name: CVE-2003-0789 (CCN-13552) Assigned: 2003-10-24 Published: 2003-10-24 Updated: 2022-09-23 Summary: mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Obtain Information References: Source: CONFIRMhttp://apache.secsup.org/dist/httpd/Announcement2.html CVE-2003-0789 CLA-2003:775 apache http://docs.info.apple.com/article.html?artnum=61798 Welcome! - The Apache HTTP Server Project APPLE-SA-2004-01-26 http://lists.apple.com/mhonarc/security-announce/msg00045.html 20031031 GLSA: apache (200310-04) Updated httpd packages fix Apache security vulnerabilities 200310-04 Apache 2.0.48 Released Apache HTTP Server 2.0.48 Release Fixes Security Vulnerabilities O-015 Apache: buffer overflows and a possible information disclosure net-www/apache apache MDKSA-2003:103 Apache HTTP Server mod_cgid Threaded MPM CGI Output Misdirection RHSA-2003:320 HPSBUX0311-301 8926 Apache Web Server mod_cgid Module CGI Data Redirection Vulnerability 9504 Multiple Apple Mac OS X Operating System Component Vulnerabilities apache-modcgi-info-disclosure(13552) apache-modcgi-info-disclosure(13552) [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20210330 svn commit: r1888194 [2/13] - /httpd/site/trunk/content/security/json/ [httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html [httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ [httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ [httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ [httpd-cvs] 20210330 svn commit: r1073139 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ [httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ Vulnerable Configuration: Configuration 1 :cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version >= 2.0.35 and < 2.0.48)Configuration CCN 1 :cpe:/a:apache:http_server:2.0.28:beta:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.38:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.39:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.42:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.47:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.48:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.40:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.46:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.28:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.32:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.35:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.36:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.37:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.41:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.32:beta:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.34:beta:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.43:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.44:*:*:*:*:*:*:* OR cpe:/a:apache:http_server:2.0.45:*:*:*:*:*:*:* AND cpe:/o:hp:hp-ux:11.00:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.11:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.2:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.20:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:8.0:*:*:*:*:*:*:* OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:* OR cpe:/o:hp:hp-ux:11.22:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:* OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:* OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:* OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:* BACK
apache http server *
apache http server 2.0.28 beta
apache http server 2.0
apache http server 2.0.38
apache http server 2.0.39
apache http server 2.0.42
apache http server 2.0.47
apache http server 2.0.48
apache http server 2.0.40
apache http server 2.0.46
apache http server 2.0.28
apache http server 2.0.32
apache http server 2.0.35
apache http server 2.0.36
apache http server 2.0.37
apache http server 2.0.41
apache http server 2.0.32 beta
apache http server 2.0.34 beta
apache http server 2.0.43
apache http server 2.0.44
apache http server 2.0.45
hp hp-ux 11.00
hp hp-ux 11.11
trustix secure linux 1.2
conectiva linux 7.0
trustix secure linux 1.5
hp hp-ux 11.20
conectiva linux 8.0
gentoo linux *
redhat linux 8.0
hp hp-ux 11.22
mandrakesoft mandrake linux 9.0
mandrakesoft mandrake multi network firewall 8.2
mandrakesoft mandrake linux corporate server 2.1
mandrakesoft mandrake linux 9.1
redhat linux 9.0
conectiva linux 9.0
trustix secure linux 2.0
mandrakesoft mandrake linux 9.2
mandrakesoft mandrake linux 9.1
mandrakesoft mandrake linux corporate server 2.1
Denotes that component is vulnerable